Now Eurostar admits to data breach - urges customers to change passwords

Eurostar claims that no payment details have been compromised

Eurostar is the latest organisation to admit to a major data breach, with the company urging customers to change their passwords ASAP.

It claims to have detected an "unauthorised attempt" to break-in to its IT systems and access customer accounts, and sent out warning emails to customers this week.

In it, Eurostar warns about an "unauthorised automated attempt to access Eurostar accounts using your email address and passwords".

It continues: "We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log-in during this period, there's a possibility your account was accessed by this unauthorised attempt," the email continues.

https://twitter.com/DamienAFC/status/1057276151452917761?ref\\_src=twsrc%5Etfw

The company is urging customers to reset their account password and keep an eye out for "anything unusual". However, Eurostar is adamant that credit card and payment details weren't accessed in the breach, claiming that "we never store such information on Eurostar.com accounts".

It adds: "This email was sent after we identified what we believe to be an unauthorised automated attempt to access customer accounts, so as a precaution, we asked all account holders to reset their password," a Eurostar spokesperson said.

"We deliberately never store any payment details or bank card information, so there is no possibility of those being compromised".

Eurostar says it's flagged the breach to the Information Commissioner's Office (ICO), who confirmed that it's "making enquiries".

Eurostar joins a long line of companies hit by data breaches in recent months. Great Western Railway announced an attempt affecting around 1,000 customers earlier this year, and both British Airways and Cathay Pacific admitted to major compromises in October - although in Cathay Pacific's case the breach was actually in March.

IT security failings are, increasingly, costing CISOs, CIOs and CEOs their jobs.

With business utterly dependent on IT, it's not enough for senior executives to dismiss security as ‘techie stuff'. At Computing's Enterprise Security & Risk Management Live event, hear from the National Crime Agency, ex-hackers and big-business CISOs to learn about how they are tackling cyber security.

For more information, check out the dedicated event website. Attendance is FREE to IT leaders and senior IT pros.